|Derbycon 2012 Day 1|
Derbycon 2012 Day 1
Keywords: derbycon; hacking; security; louisville
dojocon, hacking, security http://Dojocon.org http://hackerspaces.org/wiki/Reverse_Space Tiffany Strauchs Rad, @tiffanyrad International Cyber Jurisdiction: âKill Switchingâ Cyberspace, Cyber Criminal Prosecution & Jurisdiction Hopping John Strauchs, @strauchs Security and IT Convergence Richard Goldberg, @GoldbergLawDC Rules of Engagment: Mitigating Risk in Information Security Work Jon McCoy Ninja Patching .NET Marco Figueroa, @marcofigueroa & Kevin Figueroa Detecting & Defending You Network...
Keywords: dojocon; hacking; security
|Outerz0ne 8 (2012)|
Videos from Outerz0ne 8 (2012).
Keywords: hacking; security; con; Outerz0ne
|Derbycon 2012 Day 3|
Derbycon 2012 Day 3
Keywords: derbycon; hacking; security; louisville
|FreeBSD jail(8), A Secure Virtual Machine - Ike|
Early unix mainframe computing brought elegant process and resource sharing systems which helped get more application use out of expensive hardware. These concerns have been largely been pushed aside in computing with the rise of desktop PCs, and large farms of ever-shrinking pizza boxes in the data center. Today, as more punch gets packed into 1u than ever, server resources can be further consolidated and abstracted to securely separate complex and sophisticated services in the same hardware se...
|OHM2013: Breaking The Taboo (With QA) (film screening)|
Screening of cult film "Breaking the Taboo" - a documentary uncovering the failure of the UN sanctioned war on drugs followed by Q&A with Countess Amanda Fielding of the Beckley Foundation, Annie Machon of Law Enforcement Against Prohibition (LEAP), and John Gilmore The War on Drugs has failed. After 50 years of prohibition, illicit drugs are now the third most valuable industry in the world after food and oil, all in the control of criminals...
Keywords: OHM2013; talk; Amanda Fielding; Annie Machon; John Gilmore; screening; beckley foundation; LEAP; Law Enforcement Against Prohibition; prohibition; drug; drugs; narcotics
|BruCON 2010: You Spent All That Money And You Still Got Owned... by Joseph McCray|
This talk will focus on practical methods of identifying and bypassing modern enterprise class security solutions such as Load Balancers, both Network and Host-based Intrusion Prevention Systems (IPSs), Web Application Firewalls (WAFs), and Network Access Control Solutions (NAC). The goal of this talk is to show IT Personnel the common weaknesses in popular security products and how those products should be configured.
|OHM2013: Jean-Michel Friedt (jmfriedt) - Hacking the radiofrequency spectrum: GNURadio as a signal processing prototyping tool|
GNURadio as a signal processing prototyping tool for becoming familiar with analog and digital communication methods. We demonstrate the use of this software environment for implementing new digial communication mode decoding algorithms, qualifying low frequency circuits by using the audio card as a network analyzer, all the way to developing a FMCW RADAR. Radiofrequency communication has become ubiquoutous in the daily life of most of the western and south east asian population...
Keywords: OHM2013; talk; jmfriedt; Jean-Michel Friedt; ACARS; DVB; radio; FMCW RADAR; GNURadio; WTH; WTH2005; What the hack; SDR; Software Defined Radio; signal processing
|OHM2013: Ajin Abraham - Abusing Exploiting and Pwning with Firefox Add-ons|
Videos from AIDE 2012 Videos embedded at http://www.irongeek.com/i.php?page=videos/aid2012/mainlist
Keywords: hacking; security; forensics
|Bsides Cleveland 2012 BsidesCLE|
Videos from Bsides Cleveland 2012 All videos and download links are at: http://www.irongeek.com/i.php?page=videos/bsidescleveland2012/mainlist
Keywords: security; hacking
|Derbycon 2012 Day 3 A|
Derbycon 2012 Day 3
Keywords: derbycon; hacking; security; louisville
|Do it yourself: Building an Enterprise Class Surveillance System - Joel Wilbanks|
Building an enterprise class surveillance system (ECSS) is not as complicated as it sounds. Constructing a system with all the bells and whistles only takes a desire to save the company money and the ability to research and evaluate products currently available in the industry. In January 2004 I proved this theory by constructing an effective ECSS without any prior knowledge of surveillance. From inception to project completion, there were several security companies (some VERY large and well kno...
|Technology Standards in Education - Michael Nugent|
Google "children algorithm". The search yields mostly pages suggesting that "if children can learn algorithms, so can adults". These pages then enumerate ways to facilitate learning in adults, rather than children. Disappointingly, most comparisons focus only on the open-mindedness of children, and not their innate programming abilities. With the most famous research being done by Seymour Papert, a student of Piaget, founder of LEGO Mindstorm, and creator of LOGO,there is an abundance of evidenc...
|DEFCON Documentary Premiere: Ambient Sound and Q&A - Jason Scott|
Ambient audience recording of the DEFCON Documentary Premiere and Question/Answer Session, which took place on August 1, 2013 at DEFCON 21. The full recording of the audience reaction, recorded from the podium. Roughly 1000 people were in attendance. The second track is the Q&A from the session, including director Jason Scott, producer Rachel Lovinger, Executive Producers Jeff Moss and Russ Rogers...
Keywords: DEFCON Documentary
|OHM2013: Hans de Raad/hcderaad - Alternative To Commercial Web Analytics Tools A Cookie Story|
Talk aimed at the current state of EU cookie/privacy laws and how to utilize open source software to comply with that. As a lot of things on the web, techniques that were once invented with a pretty clear scope (or seemingly so) usually don't take long to find multiple use cases. In case of cookies, the nicest form of this is persisting session states between HTTP requests, the nastier form is the mechanism with which a lot of sites knowingly hand over visitor-logging to third parties (with real...
Keywords: OHM2013; talk; piwik; cookies; Hans de Raad; drupal
|OHM2013: Phons Bloemen - Abuse Information Exchange|
The Abuse Information Exchange is a project to help abuse desks of ISPs gathering the information about zombies and contaminated machines inside the networks(AS numbers) they are responsible for. The exchange will gather the information, correlates and splits it up by AS number and provide it in a generic, human and machine readable format This project is done by the 7 big access ISPs in NL. It is currently running in a pilot phase, with the information provided by Shadowserver...
Keywords: OHM2013; talk; Phons Bloemen; lightning talk; abuse information; Abuse Information Exchange; networking; ISP; Internet Service Provider; shadowserver; reliable notifiers; ASN; IP; netherlands; holland; The Netherlands
|OHM2013: Quux - ColoClue lightening talk|
Introduction to ColoClue and why you want to become a member.http://coloclue.net/https://program.ohm2013.org/event/386.html
Keywords: OHM2013; talk; lightning talk; ColoClue; quux
|OHM2013: Vinay Gupta - One Network. One World. Designing For A 7 Plus Billion Person World.|
Within 10 years, the villages and slums of the world are going to join the internet, unleashing revolutions in education, connectivity, and potentially politics. In this talk we will discuss engineering out way out of a global crisis that few are even willing to full acknowledge: we are slaughtering the poor and killing the ecosystem we evolved in at an ever-increasing rate, while our governance structures regulate the only structure humanity has built which might scale to provide a solution...
Keywords: OHM2013; talk; Vinay Gupta; networking; network design
|OHM2013: RFguy - Masterkey Systems in private, industry and public infrastructure|
A View about mechanical/electronic Masterkey Systems that use at your home, in comercial installations and even critical public infrastructure. Analyse of possible attaks and masterkey generation. Take a view to the technical Background of mechanic and electronic Masterkey Systems. A detailed view different Variants of mechanical construction of these systems, advance and disadvance. Generation of the Masterkey without knowing it's mechanical data, defeats the security of obscurity, what is the ...
Keywords: OHM2013; talk; security; masterkey; RFguy
|OHM2013: Sprite_tm - Hard Disks More Than Just Block Devices|
In this talk, we take a look at one of the more obscure parts of an hard disk: the HD controller. In any cheapo disk, it should do nothing more than channel bits between the SATA-port and the heads on the platter, but what does it actually consist of? And can we make it do some more interesting things? From an OS view, a hard disk is a very simplistic device: any block you write to it, you can read back later in it's exact same form...
Keywords: OHM2013; Sprite_tm; Jeroen; hard disk; controllers; hack; porting; linux
|Hack3rcon 3 (2012)|
Videos of the talks from Hack3rcon 3 (2012)
Keywords: hacking; security; hack3rcon
|Pen-testing practice in a box: How to assemble a virtual network|
Pen-testing practice in a box How to assemble a virtual network Presenter: Jeremy Druin
Keywords: hacking; security
|OHM2013: Pedro Noel - The Associated Whistle-Blowing Press|
Present the initiative of the Associated Whistle-Blowing Press, AWP, a decentralized network of whistle-blowing platforms and international newswire focused on denouncing human-rights violations. About the AWP The Associated Whistle-Blowing Press (AWP) is a not-for-profit information agency to be based in Iceland, dedicated to bringing forth and analyzing leaked information coming from different sources around the world...
Keywords: OHM2013; lightening talk; associated whistle-blowing press; whistleblowing; press; Pedro Noel
|OHM2013: The Center for Genomic Gastronomy - FoodPhreaking: Hacking the Food System Beyond the Screen and Outside of the Home Kitchen|
Hacker and maker communities are increasingly interested in food, food politics and food security. From open source kitchen hardware, to recipe databases there are many natural crossovers. However, food is not code. This talk will present a few projects that are attempts at hacking the food system beyond the screen and outside of the home kitchen. We will have copies of our new journal 'FoodPhreaking" on hand...
Keywords: OHM2013; talk; The Center for Genomic Gastronomy; foodphreaking; hacking; food; gastronomy
|One Last Time: The Hacking/Phreaking History Primer - Jason Scott Sadofsky|
Presented at The Last Hope, Hotel Pennsylvania, New York City, NY. Historian Jason Scott covers a broad range of hacker history subjects, focusing on providing the tools for understanding the context of hacking and computer history. Subjects covered include 1800-era hacker cons, myths in the Hacker "story", names and events likely forgotten, and some of the touchstones of what hackers consider their lore.
Keywords: Hacking; phreaking; jason scott
|Pen-testing practice in a box :How to assemble a virtual network|
http://www.irongeek.com/i.php?page=videos/pen-testing-practice-in-a-box-how-to-assemble-a-virtual-network This is a re-upload, the last one had audio issues Presenter: Jeremy Druin Topics Virtual Box Installation Installing virtual machines Configuring virtual networks - bridged, nat, hostonly USB devices in virtual machines Wireless networks in virtual machines Installing Guest Additions How to install Mutillidae in Windows on XAMPP How to install Mutillidae in Linux Samurai Video Tutorials: ww...
Keywords: hacking; mutillidae; owasp; security
|OHM2013: Tim Becker - Another Rambling About EMV|
A brief introduction to EMV, the protocol spoken between smart card based credit cards and terminals. A mixture of plastic and RF, bits, bytes and anecdotes, based around a single payment transaction performed live on stage. My talk will be an introduction helping beginners to start playing around with (chip based & contactless) credit cards and provide some deeper insight for people with knowledge of chip card but little knowledge of EMV...
Keywords: OHM2013; talk; EMV; Tim Becker; Chip&PIN; visa; mastercard; 29C3
|Hardening Registration Number Protection Schemes Against Reverse Engineering with Multithread Petri Net - Thorsten Schneider|
|0wn the C0n 2006! - Beetle|
Whether you've noticed it or not, there's a trendy opinion emerging, amongst the folks around you, that the smaller hacker cons are where it's at. Fewer crowds, more clue. Less traffic, cooler tools. Fewer feds, more friends. ToorCon is the standard. CanSecWest is the cold kick-ass con. Creative genius abounds at CodeCon. LayerOne is the nifty newbie. Notacon, Phreaknic, etc. rock you. And in D.C., for the second year running, we have ShmooCon, which might actually have more feds than any other ...
Keywords: Shmoocon; Beetle; Own the Con; 2006; Hacker Conferences
|Vintage Computer Festival East 2.0 (2004) Audio - Vintage Computer Festival East|
Vintage Computer Festival East 2.0 July 16th-17th, 2004 Sun Microsystems Burlington, Massachusetts Campus >Atari 7800 20th Anniversary: Curt Vendel and Steve GolsonCurt Vendel and Steve Golson take a look back at an incredible game console. The Atari 7800 was slated for original release in June of 1984 despite the lackluster videogaming market. But due to a change in management at Atari, the console was delayed by two years and wasn't introduced to market until 1986...
Keywords: vintage east; vintageeast; conference; anarchivism
|Publishing the Unpublished - Julian Assange|
|Squarewave to Heaven: An Introduction to Chiptune - Nullsleep|
An entire generation has now grown up with the likes of Atari, Nintendo, Sega and many other console systems, not to mention the "classic plastic" home computers of the 1980s. Throughout these last 25 years, the unmistakable sound of 8-bit chips have pervaded their ears and become a background soundtrack to their lives. Now, an entire scene of artists are using this unique and unmistakable sound to push musical boundaries, both recalling and outdoing what came before...
|Telecommunications Q&A Session - Paul Timmins|
Do you have questions about telephony and telecommunications but don't know where to ask? Look no further! For 1 hour, no reasonable telecom question is off limits. Afraid of looking stupid asking? We'll have an anonymous question submission fishbowl up front so nobody has to know you don't know the answer! Questions will be answered by Paul Timmins, Network Manager at a CLEC, Myself (if he's interested), and others...
|Hacking Headhunters - Drew Ivan|
Recruiters use a variety of tools and processes in their goal of moving talent from one company to another as fast as possible. Whether you are talent in search of a new company, a company in search of new talent, or a company attempting to protect your existing talent, you can benefit from understanding the systems in use by headhunters. Drew is a software engineer and a nerd who has worked in many industries, including the executive recruiting indusry.
|The Bad Guys are Winning - So Now What - Ed Skoudis|
|Online Communities and the Politics of DDoS - Seth Hardy|
Like meetings in public spaces, online communities often are faced with the problem of policing themselves against people who only wish to disrupt things. This is even worse on the Internet, where bandwidth is cheap, botnets are easy to create, anonymity trumps fear of repercussions, and many people think denial of service attacks are completely legitimate ways to show off the size of one's e-penis...
|Hacking from the Restroom - Bruno Goncalves|
|Side Channel Analysis on Embedded Systems - Job De Haas|
|Secrets of the Dead Phone Guy - Friends of Dan Kaye|
In April 2003 at Rubi-con 5, Dan Kivel, aka "Dankaye" gave a profane, intense discussion of the trials, tricks and tribluations of a phone repairman. He covered social engineering, the interactions with customers, and ribald tales of phone insanity in his job. This presentation was recorded for posterity. In May of 2006, Dankaye drowned off the coast of Biloxi, Mississippi. However, this minor setback will not stop Dan from giving his first presentation at Notacon...
|j0hnny's Greatest Hits: The Best of Johnny Long - Johnny Long|
The Shmoo Group has decided to play a bit of a prank on Johnny. Come watch him jump through flaming hoola-hoops while dodging high-powered fully-automatic Shmooballs and giving three different presentations in one! Johnny Long is a "clean-living" family guy who just so happens to like hacking stuff. Over the past two years, Johnny's most visible focus has been on this Google hacking "thing" which has served as yet another diversion to a serious (and bill-paying) job as a professional hacker and ...
|8 Dirty Secrets of the Security Industry - Bruce Potter|
The fox is guarding the hen house, and both the fox and the hens are making a lot of money in the process. Such is the state of the security industry in 2007. For the last 15 years, we have been building security into our networks and applications using concepts like "defense in depth" and "layered security." It turns out, that the attackers are now leveraging our security systems against us. Worse, we have made the security industry a self feeding, self fulfilling prophecy that may actually be ...
|OHM2013: Elger Jonker - Awesome Retro|
Awesome Retro is an organization that has it's roots in the hacker scene. Their mission is to make retrogaming possible for everyone. In this short talk the speaker showcases previous highlights and looks at what's going to happen in the near future.Presenter: Elger Jonker aka Stitchhttps://program.ohm2013.org/event/318.htmlDay 4 Start time 15:05 Duration 0:05 Location None Type Lightning_talk
Keywords: OHM2013; Elger Jonker; retro gaming; awesome retro
|Countering Attacks at Layer 2 - Eric Smith|
Network security at layer two is often overlooked because many administrators do not consider attacks from within to be a credible threat. This philosophy may apply to carefully firewalled data centers, but universities and other institutional settings are particularly vulnerable to attacks at layer two. Furthermore, nearly all wireless networks, even those employing WPA or 802.1x, can fall victim to the inherent trust designs of the underlying ethernet protocols...
|OHM2013: Ruud Schramp - Ram Memory Acquisition Using Live Bios Modification|
BIOS swap on server PC. Memory acquisition using firewire, reboot or userspace tools is standard. What if your intel motherboard BIOS wipes ECC memory and live plugging PCIe fails? The presentation describes an alternative way to initialise RAM using methods from the coreboot project. After initialisation the RAM can be dumped compressed over serial and a LPC-USB device.Event program page: https://program.ohm2013.org/event/157.html
Keywords: OHM2013; talk; Ruud Schramp; BIOS; RAM; RAM Acquisition; hacking; security; ECC
|Anonym.OS: Security and Privacy, Everywhere You Go - dr.kaos, digunix, atlas, and beth|
Privacy and anonymity are hard to come by these days. What's worse, many if not most, of the world's network users don't have the slightest idea of the levels of monitoring to which they are subjected, much less the proper chain of steps necessary to strengthen their communications channels. While there are applications and systems that provide heightened anonymity and confidentiality to users, all require user-knowledge of configuration and proper systems administration techniques...
|Behavioral Malware Analysis Using Sandnets - Joe Stewart|
The amount of malware being propagated in the wild is growing to staggering proportions. Many people are aware of the problem and would like to help stem the tide, but without significant skills in debugging and assembly language, most are left to simple "strings" analysis or VMWare-based sandbox behavioral analysis. The malware authors have responded by packing their creations with an ever-increasing array of packers, and utilizing sandbox-detection techniques to prevent themselves from running...
|OHM2013: Netz39/bastinat0r - Gathering Statistics With The SpaceApi|
In my current project I gather and visualize data from the spaceAPI. I will tell people about my project and what is cool about spaceAPI. Because we have no official opening hours at our hackerspace I wanted to gather statistics to see when the door is open. Then I extendet the software to work for all spaces in the directory of spaceAPI.net - you can see the result at http://spacestatus.bastinat0r.dePresenter: bastinat0rhttps://program.ohm2013.org/event/432.html
Keywords: OHM2013; talk; lightning talk; bastinat0r; spaceapi; space; hackerspace; Netz39
|8088 Corruption: Old School Hacking - Jim 'Trixter' Leonard|
A candidate for Most Stupid PC Trick, 8088 Corruption displays full-motion color video on a stock IBM PC with nothing more than a CGA card and a Sound Blaster Pro for audio. It became a minor web phenomenon when a video of it in operation was posted to the social news site Digg.com and was then later featured on Diggnation. In this presentation, Jim will explain the background of 8088 Corruption, including covering the techniques used to create it and how it can be further improved...
|OHM2013: Felicitus - Solar Powered Autonomous Routers|
Considerations on how to build a solar powered autonomous router, from planning phase to the final project. In this talk I'll go through the considerations on how to plan and build a solar powered autonomous router. This includes calculations on the solar panel size, which components the setup needs, how the system can do self-monitoring and what you can possibly do with such a system. This talk is also suitable to learn the basics for stand-alone photo-voltaic systems; you don't necessarily pow...
Keywords: OHM2013; talk; solar; solar power; router; autonomous; routing; SolarWind; Felicitus